Data Protection Act 1998

The Act 1998 relates to the way both public and private organisations manage personal information about individuals.

It sets out eight principles that should underpin this activity, outlining penalties - criminal convictions - for non-compliance.

Our course covers Data Protection Act issues pertinent to investigation and enforcement. The focus is on obtaining information to assist investigations and the safe, lawful and ethical exchange of data with others such as partnership agencies

Target audience

All individuals that come into contact with personal information during the course of investigations and enforcement

Aim

To ensure delegates understand how to manage personal data and lawful methods of exchanging information

Outcomes

To enable delegates to:

  • explain the purpose and principles of the Data Protection Act 1998
  • describe how the Act is enforced
  • specify exemptions from it
  • understand exemptions specific to investigation
  • be able to identify lawful business purposes for obtaining personal data
  • apply Section 29 request procedures
  • describe why it is important to handle information securely
  • explain the meaning of information assets, protective marking, descriptor and impact criteria (GPMS)
  • explain the meaning of restricted, confidential, secret and top secret (GPMS)
  • apply risk assessment to information dissemination
  • understand how to establish information sharing agreements
  • apply review and destruction policies
  • discuss privacy impact assessments

Delivery method

The sessions will be delivered using PowerPoint presentations, flipchart explanation, group discussion, individual tuition and practical exercises to reinforce the course outcomes.

Course design

Courses are designed around customers' requirements and adapted to their policies and procedures.

Information service

Data Protection Act support information
Support information for investigators on the Data Protection Act 1998